#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
Get the Free Newsletter
Colonial Pipeline | Breaking Cybersecurity News | The Hacker News
U.S. Proposes $1 Million Fine on Colonial Pipeline for Safety Violations After Cyberattack
May 10, 2022
The U.S. Department of Transportation's Pipeline and Hazardous Materials Safety Administration (PHMSA) has proposed a penalty of nearly $1 million to Colonial Pipeline for violating federal safety regulations, worsening the impact of the ransomware attack last year. The $986,400 penalty is the result of an inspection conducted by the regulator of the pipeline operator's control room management ( CRM ) procedures from January through November 2020. The PHMSA said that "a probable failure to adequately plan and prepare for manual shutdown and restart of its pipeline system [...] contributed to the national impacts when the pipeline remained out of service after the May 2021 cyberattack." Colonial Pipeline, operator of the largest U.S. fuel pipeline, was forced to temporarily take its systems offline in the wake of a DarkSide ransomware attack in early May 2021, disrupting gas supply and prompting a regional emergency declaration across 17 states. The inciden
U.S. Recovers $2.3 Million Ransom Paid to Colonial Pipeline Hackers
Jun 08, 2021
In a major blow, the U.S. Department of Justice on Monday said it has recovered 63.7 bitcoins (currently valued at $2.3 million) paid by Colonial Pipeline to the DarkSide ransomware extortionists on May 8, pursuant to a seizure warrant that was authorized by the Northern District of California. The ransomware attack also hobbled the pipeline company's fuel supply, prompting the government to issue an emergency declaration , even as the company shelled out a ransom amount of approximately 75 bitcoins ($4.4 million as of May 8) to regain access to its systems. A week after the highly publicized incident, the ransomware-as-a-service syndicate disbanded with a May 14 farewell message to affiliates, stating that its internet servers and cryptocurrency stash were seized by unknown law enforcement entities. While DarkSide's announcement was perceived as an exit scam, the latest move from DoJ confirms earlier speculations of law enforcement involvement. Stating that "
Guide: How to Minimize Third-Party Risk With Vendor Management
Vendor Risk Management
Manage third-party risk while dealing with challenges like limited resources and repetitive manual processes.
How to Handle Retail SaaS Security on Cyber Monday
Nov 27, 2023
SaaS Security / Cyber Monday
If forecasters are right, over the course of today, consumers will spend $13.7 billion . Just about every click, sale, and engagement will be captured by a CRM platform. Inventory applications will trigger automated re-orders; communication tools will send automated email and text messages confirming sales and sharing shipping information. SaaS applications supporting retail efforts will host nearly all of this behind-the-scenes activity. While retailers are rightfully focused on sales during this time of year, they need to ensure that the SaaS apps supporting their business operations are secure. No one wants a repeat of one of the biggest retail cyber-snafus in history, like when one U.S.-based national retailer had 40 million credit card records stolen. The attack surface is vast and retailers must remain vigilant in protecting their entire SaaS app stack. For example, many often use multiple instances of the same application. They may use a different Salesforce tenant for eve
Hackers Breached Colonial Pipeline Using Compromised VPN Password
Jun 07, 2021
The ransomware cartel that masterminded the Colonial Pipeline attack early last month crippled the pipeline operator's network using a compromised virtual private network (VPN) account password, the latest investigation into the incident has revealed. The development, which was reported by Bloomberg on Friday, involved gaining an initial foothold into the networks as early as April 29 through the VPN account, which allowed employees to access the company's networks remotely. The VPN login — which didn't have multi-factor protections on — was unused but active at the time of the attack, the report said, adding the password has since been discovered inside a batch of leaked passwords on the dark web, suggesting that an employee of the company may have reused the same password on another account that was previously breached. It's, however, unclear how the password was obtained, Charles Carmakal, senior vice president at the cybersecurity firm Mandiant, was quoted a
Befriend Your Mom with Technology
Explain cybersecurity with Moonlock
Discover Our Unparalleled Threat Detection Capabilities
Try Fidelis Elevate for 30 days and discover threats your current provider missed.
Webinar: A New Approach to Mitigating Insider Risks
Learn how you can easily mitigate the modern security risks introduced by your employees.
Advance in the Field of Cybersecurity with Georgetown
Learn cybersecurity strategies from the experts. Attend a sample class on Nov. 30.
Join 120,000+ Professionals
Sign up for free and start receiving your daily dose of cybersecurity news, insights and tips.